C Exploits
3,628 exploits tracked across all sources.
Yager <5.24 - Remote Code Execution
Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data.
by cybertronic
Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)
by kf
Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)
by kf
PMSoftware Simple Web Server 1.0 - RCE
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
by cybertronic
GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow (2)
by cybertronic
Crystal FTP Client 2.8 - Remote Code Execution via Long File Extension in LIST Response
Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension.
by cybertronic
PMSoftware Simple Web Server 1.0 - RCE
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
by c0d3r
TCP/IP ICMP Error Handling - Blind Connection Reset Denial of Service
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
by houseofdabus
WheresJames Webcam Publisher Beta 2.0.0014 - Remote Buffer Overflow
by tarako
Windows Server 2003 and XP SP2 - Denial of Service via Land Attack
Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, aka a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
by Yuri Gushin
Microsoft Windows 2000 and XP - Remote Code Execution via Malformed IP Packet Options
Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability."
by Yuri Gushin
Libsafe <2.0.16 - Privilege Escalation
Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.
by Overflow.pl
Yager 5.24 - Denial of Service via Malformed Data
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data.
by Luigi Auriemma
SUMUS 0.2.2 - Remote Code Execution via Large Packet to TCP Port 81
Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2 allows remote attackers to execute arbitrary code via a large packet sent to TCP port 81.
by vade79
Lightspeed DeluxeFTP 6.01 - Info Disclosure
Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.
by Kozan
Greylisting daemon (GLD) 1.3-1.4 - Remote Code Execution via Format String in ErrorLog Function
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
by Xpl017Elz
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
by Xpl017Elz
Microsoft Jet DB engine <4.00.8618.0 - RCE
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
by Stuart Pearson
Linux Kernel <2.6.11.5 - Privilege Escalation
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
by qobaiashi
Rebrand P2P Share Spy <2.2 - Privilege Escalation
Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges.
by Kozan
By Source